package org.neu.ccs.secureim;

import java.io.ByteArrayOutputStream;
import java.security.Key;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.Signature;
import java.util.Random;

import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.spec.SecretKeySpec;

//import org.bouncycastle.crypto.generators.DHParametersGenerator;
//import org.bouncycastle.crypto.params.DHParameters;


/*
 * Some helper functions to separate out the crypto aspects.
 */

public class CryptoHelper {
	
	static public KeyPair GenerateClientKeyPair(String user, char[] password, byte[] salt)
	{
		MessageDigest passHash = null;
		SecureRandom passRand = null;
		try {
			 passHash = MessageDigest.getInstance("SHA-256");
			 passRand = SecureRandom.getInstance("SHA1PRNG");
		} catch (NoSuchAlgorithmException e) {
			System.out.println("Error instantiating secure PRNG");
		}
		
		passRand.setSeed(passHash.digest(new String(password).getBytes()));
		passRand.setSeed(passHash.digest(user.getBytes()));
		passRand.setSeed(salt);
		
		return GenerateKeyPair(passRand);
	}
	
	static private KeyPair GenerateKeyPair(SecureRandom rand)
	{		
		KeyPairGenerator generator = null;
		try {
			generator = KeyPairGenerator.getInstance("RSA");
		} catch (NoSuchAlgorithmException e) {
			e.printStackTrace();
			System.exit(-1);
		}
		
		generator.initialize(2048, rand);
		KeyPair pair = generator.generateKeyPair();
		
		return pair;
	}
	
	
	static public byte[] PackRSA(PublicKey pub, Random r, byte[]... bits)
	{
		try
		{
			Cipher aciph = Cipher.getInstance("RSA/ECB/PKCS1Padding");
			Cipher sciph = Cipher.getInstance("AES");
			
			KeyGenerator kg = KeyGenerator.getInstance("AES");
			kg.init(256);
			Key symKey = kg.generateKey();
			
			sciph.init(Cipher.ENCRYPT_MODE, symKey);
			aciph.init(Cipher.ENCRYPT_MODE, pub);
			
			byte[] keyBits = aciph.doFinal(symKey.getEncoded());
			
			ByteArrayOutputStream out = new ByteArrayOutputStream();
	
			for( byte[] bit : bits)
				out.write(bit);
			
			byte[] encrypted = sciph.doFinal(out.toByteArray());
			
			out = new ByteArrayOutputStream();
			out.write(keyBits);
			out.write(encrypted);
			return out.toByteArray();
		}
		catch( Exception e)
		{
			e.printStackTrace();
			return null;
		}
	}
	
	static public byte[] UnpackRSA(PrivateKey priv, byte[] data)
	{
		try
		{
			Cipher aciph = Cipher.getInstance("RSA/ECB/PKCS1Padding");
			Cipher sciph = Cipher.getInstance("AES");
			
			aciph.init(Cipher.DECRYPT_MODE, priv);
			
			Key unwrappedKey = new SecretKeySpec(aciph.doFinal(data, 0, 256), "AES");
			
			sciph.init(Cipher.DECRYPT_MODE, unwrappedKey);
			byte[] outputBits = sciph.doFinal(data, 256, data.length - 256);
			return outputBits;
		}
		catch(Exception e)
		{
			e.printStackTrace();
			return null;
		}
	}
	
	static public byte[] SignRSA(PrivateKey priv, byte[]... bits)
	{
		try
		{
			Signature sig = Signature.getInstance("SHA256WithRSA");
			sig.initSign(priv);
			
			for( byte[] bit : bits )
				sig.update(bit);
			
			ByteArrayOutputStream out = new ByteArrayOutputStream();
			out.write(sig.sign());
			for( byte[] bit : bits )
				out.write(bit);
			
			return out.toByteArray();
		}
		catch( Exception e)
		{
			e.printStackTrace();
			return null;
		}
	}
	
	static public boolean VerifyRSA(PublicKey priv, byte[] bits)
	{
		try
		{
			Signature sig = Signature.getInstance("SHA256WithRSA");
			sig.initVerify(priv);
			
			sig.update(bits, 256, bits.length - 256);
			return sig.verify(bits, 0, 256);
		}
		catch( Exception e)
		{
			e.printStackTrace();
			return false;
		}
	}
}
